Reports are circulating about a massive data leak dubbed the ‘Mother of all Breaches’ (MOAB) containing data from previous breaches and comprising 12 terabytes of information.
This spans 26 billion records and the leak is believed to be the largest ever discovered and includes records from thousands of meticulously compiled and reindexed leaks, breaches and privately sold databases. Adam Pilton, Cyber Security Consultant at CyberSmart, said: “This is a huge amount of data. In the physical world, 12 terabytes are equivalent to 15,600 filing cabinets.
“Although this is an exceptionally large amount of data we must take a step back from that and look at what the potential impact could truly be.
“Many individuals reuse usernames and passwords across multiple accounts, making them vulnerable to exploitation. Additionally, spear-phishing attacks and a surge in spam emails targeting individuals whose data is exposed are highly likely, posing a substantial risk to our security.
“Individuals who believe they are affected should change their passwords. We must all assume though that some of our data is held in this data set, as such we must take action to protect ourselves too.
“Enabling two-factor authentication is a significant step in protecting ourselves against attacks that involve breached credentials.
“As always, people play a significant role in security. Ensuring that we are trained and aware of the threats faced, as well as how to respond will make a difference in preventing attacks and quickly identifying them.” Christian Scott, COO and CISO, Gotham Security, an Abacus Group Company, said: “While significant in size, the breach follows a pattern of malicious actors aggregating leaked credentials of several unrelated data breaches together into one database like COMB in 2021.
“Malicious actors are able to leverage these breached credentials at scale to conduct credential-stuffing attacks against other services and company accounts in an attempt to gain access to additional systems via reused passwords. Furthermore, this information allows malicious actors to infer commonly used passwords by staff at an organisation to perform curated password spraying attacks.”
Matt Cooke, Cybersecurity Strategist, EMEA at Proofpoint, said: “In recent years Proofpoint has observed cybercriminals using tactics to increasingly try to log in, not hack in, with a focus on identity theft. This latest leak appears to be a culmination of data from historic breaches, but the sheer scale of data available means it is likely we may see threat actors carrying out credential-based attacks in the coming weeks.
“Credential theft is nothing new globally, and in the UAE, our recent data revealed that among UAE organisations that experienced an attempted phishing attack last year, 86% of these were successful. Of these successful attacks, 26% resulted in credential theft and/or account compromise, where employees invertedly expose their credentials, giving threat actors access to sensitive data and their business accounts. “In light of this, Proofpoint urges all individuals to practice good password hygiene and make sure they are using unique passwords across all the services they use. They should look out for breach notifications from any services they use and change their password if their credentials may have been compromised. Always validate any breach notifications with the websites directly, as whilst we are yet to see any evidence of it, it’s quite possible scammers will leverage breach notifications as a topical means to trick their next victim. The noise in public surrounding the MOAB provides them with the pretext, so stay aware.”
Click below to share this article
